package com.webSite.demo.cy.config;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import com.webSite.demo.cy.security.MyUserDetailService;

@SuppressWarnings({ "unused", "deprecation" })
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter{

	@Bean
	public UserDetailsService userDetailsService() {
		return new MyUserDetailService();
	}
	
	/**
	 * 需要加密的方法
	* @Title: passwordEncoder  
	* @param @return    参数  
	* @return NoOpPasswordEncoder    返回类型  
	* @throws
	 */
//	@Bean
//	public PasswordEncoder passwordEncoder(){
//		PasswordEncoder encoder = new BCryptPasswordEncoder();
//		return encoder;
//	}
	
	/**
	 * 测试用的(不用密码加密，该方法已经被废弃)
	* @Title: passwordEncoder  
	* @param @return    参数  
	* @return NoOpPasswordEncoder    返回类型  
	* @throws
	 */
	@Bean
    public static NoOpPasswordEncoder passwordEncoder() {
      return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
    }
	
	@Override
    public void configure(WebSecurity web) {
        web.ignoring().antMatchers("/css/**", "/fonts/**", "/img/**", "/js/**");
    }
	
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http
		.authorizeRequests()
//		.antMatchers("/").permitAll()	
//		.antMatchers("/test").permitAll()
		.antMatchers("/order/**","/admin.html").hasRole("USER")
//		.anyRequest()        // 任何请求,登录后可以访问
//		.authenticated()
		.and()
		.formLogin().loginPage("/test")
		.and();
		http.csrf().disable();
		//使用iframe模式上传图片或者iframe嵌套页面时，会报如下异常信息： 
		//Refused to display in a frame because it set ‘X-Frame-Options’ to ‘DENY’
		//增加http.headers().frameOptions().disable();这个配置后，响应头中就找不到这个配置了。
		http.headers().frameOptions().disable();
		
		//http.rememberMe();
	}
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		// 验证类调用
//		auth.userDetailsService(userDetailsService());
//		auth.eraseCredentials(false);
		auth
		.inMemoryAuthentication()
		.withUser("cy").password("660203").roles("USER");
	}
	
	
	
}


